Ask Onix
Hackers claim breach of Rockstar Games servers
Rockstar Games, the studio behind the Grand Theft Auto franchise, has been targeted by hackers for the second time in three years, cybersecurity outlets reported on Saturday.
A group calling itself ShinyHunters said it accessed Rockstar's servers through a third-party cloud provider and threatened to release stolen data unless paid a ransom. The hackers, described as a prolific English-speaking cybercriminal collective believed to be teenagers, have previously claimed responsibility for breaches at major companies, including Ticketmaster.
Rockstar downplays incident
Rockstar Games responded by minimizing the breach's impact. A spokesperson told the BBC that the incident would not affect the company or its players.
"A limited amount of non-material company information was accessed in connection with a third-party data breach," the spokesperson said.
The company did not specify what data was taken or whether it had engaged with the hackers' demands.
Hackers threaten to leak data
ShinyHunters told the BBC they would publish the stolen material online after their ransom demands went unmet. Global law enforcement agencies advise against paying ransoms, warning that doing so funds criminal activity and offers no guarantee hackers will delete the data.
The group has a history of infiltrating corporate cloud storage systems, though the extent of the Rockstar breach remains unclear.
Previous attack exposed GTA 6 footage
This is Rockstar's second major hack in three years. In 2023, an 18-year-old British hacker, Arion Kurtaj, was sentenced to an indefinite hospital order after stealing and leaking 90 video clips of the unreleased Grand Theft Auto VI. The breach forced Rockstar to release its first official trailer for the game ahead of schedule.
Kurtaj was part of Lapsus$, a gang of teen hackers that targeted multiple high-profile corporations in 2022 and 2023.
Broader trend of teen-led cybercrime
The incidents highlight a growing trend of young hackers targeting major companies. ShinyHunters and Lapsus$ have both been linked to breaches at corporations worldwide, raising concerns about cybersecurity vulnerabilities in third-party cloud services.
